Learn how Qualys BrowserCheck can make sure your PCs and browsers are up to date.

The Web has become a hub of information and productivity, making the web browser one of the most-used applications. This has drawn the attention of cyber criminals—making it a potential Achilles heel for security. This paper from the Bradley Strategy Group describes how users and businesses can protect their PCs using Qualys BrowserCheck, a free cloud-based service.

"Security and Trust: The Backbone of Doing Business Over the Internet"

Gaining the trust of online customers is vital for the success of any company that requires sensitive data to be transmitted over the Web. Most consumers are concerned that their sensitive information will be intercepted in-transit, or perhaps the destination web site is manned by imposters with malicious intent.

Read this white paper and learn how to best implement a security strategy that keeps consumers' information secure and instills the confidence they need to proceed with transactions.

Sponsored by: Symantec Website Security Solutions
Download you free copy of "Security and Trust: The Backbone of Doing Business Over the Internet" -- here

With over 144 billion emails sent every day, spammers and phishers have a rapidly growing playground for their attacks.

Keeping your customers safe goes hand in hand with keeping them happy. For instance, customers are 42% less likely to do business with a company that has undergone a phishing attack.

Domain-based Message Authentication, Reporting & Conformance (DMARC) has been created as a standard to help properly authenticate your sends and monitor and report phishers that are trying to send from your name. Download this white paper and learn why to keep your brand and customers safe from virtual attackers, implementing DMARC is critical for your email sends.

A guide to programming Linux kernel modules.
An excellent guide for anyone wishing to get started on kernel module programming. The author takes a hands-on approach starting with writing a small "hello, world" program, and quickly moves from there.

Far from a boring text on programming, Linux Kernel Module Programming Guide has a lively style that entertains while it educates.

Finally, a comprehensive guide to the Linux VM! This book describes VM in unprecedented detail, presenting both theoretical foundations and a line-by-line source code commentary.

VM's behavior affects every Linux kernel subsystem and dramatically impacts overall performance. But until now, there was only one way to understand VM: study the poorly documented source one line at a time. Now there's an easier, faster alternative. It systematically covers everything from physical memory description to out-of-memory management. Coverage includes:

* Linux VM 2.4 architecture in depth-with diagrams and call graphs
* Physical memory description, page tables, address spaces, and memory allocation
* High memory, swapping, shared memory, and much more
* Expert guidance for analyzing the code of any open source project
* New Linux 2.6 kernel features in every chapter

Well organized and superbly written, Understanding the Linux Virtual Memory Manager will be indispensable to every kernel programmer and researcher.

"Beginner's Guide to SSL Certificates: Making the Best Choice When Considering Your Online Security Options"

SSL stands for “Secure Socket Layer.” It is a technology that establishes a secure session link between the visitor's web browser and your website so that all communications transmitted through this link are encrypted and are, therefore, secure. SSL is also used for transmitting secure email, secure files, and other forms of information.

Whether you are an individual or a company, you should approach online security in the same way that you would approach physical security for your home or business. Not only does it make you feel safer but it also protects people who visit your home, place of business, or website. It is important to understand the potential risks and then make sure you are fully protected against them. In the fast-paced world of technology, it is not always easy to stay abreast of the latest advancements. For this reason it is wise to partner with a reputable Internet security company.

Jamie Cameron walks you through more than 50 essential Webmin tasks--offering all the background you need, step-by-step instructions, extensive screen captures, and listings of the underlying configuration files that are being modified. Whether you're new to Linux/UNIX system administration or you simply want an alternative to the command line, Managing Linux® Systems with Webmin will be an indispensable resource.

Linux® Patch Management offers Linux professionals start-to-finish solutions, strategies, and examples for every environment, from single computers to enterprise-class networks.

Michael Jang presents patching solutions for Red Hat, Fedora, SUSE, Debian, and other distributions. He systematically covers both distribution-specific tools and widely used community tools, such as apt and yum. This book's streamlined patch management techniques minimize impacts on users, networks, and administrators, and address applications as well as the underlying OS. Whatever your role in managing Linux® systems, Linux Patch® Management will reduce your costs, enhance the availability of your systems, and dramatically improve your personal efficiency.

* The first start-to-finish guide to patching Linux® systems in production environments For Red Hat, Fedora, SUSE, Debian, and other leading distributions
* Comprehensive coverage of apt, yum, Red Hat Network, YaST Online Update, Zenworks Linux Management, and other tools
* High-efficiency techniques that minimize impacts on networks, users, and administrators
* Consolidating patches on a Red Hat network, including cached updates, as well as patching systems based on RHEL rebuild distributions
* Working with SUSE's update systems, including YaST Online Update and Zenworks Linux Management
* Making the most of apt commands and the GUI-based Synaptic Package Manager
* Configuring apt for RPM distributions such as Fedora and SUSE Linux
* Creating repositories that can manage gigabytes of patches on diverse Linux® systems
* Updating networks of Linux computers without overloading WAN or Internet connections
* Configuring yum clients, including coverage of emerging GUI tools such as Yum Extender

By: Michael Jang. Published by Prentice Hall. Part of the Bruce Perens' Open Source Series.

With User Mode Linux®; you can create virtual Linux machines within a Linux computer and use them to safely test and debug applications, network services, and even kernels. You can try out new distributions, experiment with buggy software, and even test security. Now, for the first time, the creator and maintainer of User Mode Linux®; shows how to put it to work hands-on. Jeff Dike covers everything from getting started through running enterprise-class User Mode Linux® servers. Coverage includes:

Linux is the fastest-growing Java development platform because it saves money and time by serving as a platform for both development and deployment. But developers face significant platform-specific challenges when managing and deploying Java applications in a controlled production environment.

Written for Java and Linux developers alike, Java™ Application Development on Linux® is the hands-on guide to the full Java application development lifecycle on Linux.

Determined to spare other developers hours of trial and error, Albing and Schwarz demonstrate the platform, tools, and application development by showing realistic, easy-to-follow examples. After a simple command-line application introduces basic tools, this program leads readers through business-logic object analysis, database design, Java servlet UIs, Java Server Pages (JSP) UIs, Swing GUIs, and Standard Widget Toolkit (SWT) GUIs. Scaling up to the enterprise level provides the opportunity to use both the JBoss Application Server and the Apache Geronimo Application Servers, and Enterprise JavaBeans (EJB).

The authors conclude by demonstrating how a hierarchy of budgets can be created, tracked, and shared with Concurrent Versions System (CVS). Java™ Application Development on Linux® can propel you from a standing start to the full-speed development and deployment of Java applications on Linux.

By Carl Albing, Michael Schwarz. Published by Prentice Hall. Part of the Bruce Perens' Open Source Series.

Instant access to precise, step-by-step solutions for every essential Linux administration task from basic configuration and troubleshooting to advanced security and optimization.

If you're responsible for delivering results with Linux, Linux® Quick Fix Notebook brings together all the step-by-step instructions, precise configuration commands, and real-world guidance you need. This distilled, focused, task-centered guide was written for sysadmins, netadmins, consultants, power users...everyone whose livelihood depends on making Linux work, and keeping it working.

This book's handy Q&A format gives you instant access to specific answers, without ever forcing you to wade through theory or jargon. Peter Harrison addresses virtually every aspect of Linux administration, from software installation to security, user management to Internet services--even advanced topics such as software RAID and centralized LDAP authentication. Harrison's proven command-line examples work quickly and efficiently, no matter what Linux distribution you're using. Here's just some of what you'll learn how to do:

This Tech Dossier will outline proven best practices to mitigate risk and embrace mobility without trepidation.

Security has eroded over the past decade as companies strive to create applications for multiple platforms by farming design and development out to subcontractors. This trend has strained the processes and governance put in place to ensure application security.

Download your free copy of "There's an App for That, But is it Secure?" -- here

whiptail is a lightweight replacement for dialog, to provide dialog boxes for shell scripts. It is built on the newt windowing library rather than the ncurses library, allowing it to be smaller in embedded environments such as installers, rescue disks, etc.

Recovery of supposedly erased data from magnetic media is easier than what many people wouldlike to believe. A technique called Magnetic Force Microscopy (MFM) allows any moderately funded opponent to recover the last two or three layers of data written to disk; wipe repeatedly overwrites special patterns to the files to be destroyed, using the fsync() call and/or the O_SYNC bit to force disk access. In normal mode, 34 patterns are used (of which 8 are random). These patterns were recommended in an article from Peter Gutmann (pgut001@cs.auckland.ac.nz) entitled "Secure Deletion of Data from Magnetic and Solid-State Memory". A quick mode allows you to use only 4 passes with random patterns, which is of course much less secure.

Encrypting a whole partition with cryptoloop, for example, does not help very much either, since there is a single key for all the partitions.

Therefore wipe is best used to sanitize a harddisk before giving it to untrusted parties (i.e. sending your laptop for repair, or selling your disk).

yamdi stands for Yet Another MetaData Injector and is a metadata injector for FLV files. It adds the onMetaData event to your FLV files. yamdi should run under *BSD, Linux and Windows and is published under the BSD license.

Archivemount is a FUSE based file system for Unix variants, including Linux. Its purpose is to mount archives to a mount point where it can be read from or written to as with any other file system. This makes accessing the contents of the archive, which may be compressed, transparent to other programs, without decompressing them. The archive formats that archivemount supports are:

Sound Juicer is an application front-end to the Cdparanoia CD ripping library. It allows the user to extract audio from compact discs and convert it into audio files that a personal computer or digital audio player can understand and play. It supports ripping to any audio codec supported by a GStreamer plugin, such as mp3 (via LAME), Ogg Vorbis, FLAC and uncompressed PCM formats.

Sound Juicer is designed to be easy to use and to work with little user intervention. For example, if your computer is connected to the Internet, it will automatically attempt to retrieve track information from the freely-available MusicBrainz service. Sound Juicer is free and open source software and an official part of the GNOME desktop environment starting with version 2.10.

Download this kit to learn everything you need to know about Information Security.

The Essentials of Information Security bring together the latest in information, coverage of important developments, and expert commentary to help with your Information Security related decisions.

The following kit contents will help you get the most out of your Information Security research:
* PC Security Handbook - 2nd Edition
* Research Report: How the Major Mobility Platforms Compare in TCO and Security
* Virtualization Maturity and Experience Breed Success
* Securing Your Journey to the Cloud

GNUMP3d is a streaming server for MP3s, OGG vorbis files, movies and other media formats.

GNUMP3d designed to be:
* Small, stable, portable, self-contained, and secure.
* Simple to install, configure, and use.
* Portable across different varieties of Unix, the GNU Operating System, and Microsoft Windows platforms.

GNUMP3d Requirement:
You need to have apache installed and configured for GNUMP3d to work
For Apache installation and configuration - hereGNUMP3d Installation:
Downloaded the GNUMP3d source code - here
GNUMP3d installation should require no more than the following:-

Storybook is a free Open Source novel-writing software for creative writers, novelists and authors. Starting with the plot to the finished book — with Storybook you'll never lose the overview. Storybook helps you to keep an overview of multiple plot-lines while writing books, novels or other written works.

Storybook assists you in structuring your book
Manage all your data such as characters, locations, scenes, items, tags and ideas in one place. A simple interface is provided to enable you to assign your defined objects to each scene and to keep an overview of your work with user-friendly chart tools. With Storybook Memoria each object can be tracked in relation to time.

Intel Linux Graphics Installer allows you to easily install the latest graphics drivers for your Intel graphics hardware. This allows you to stay current with the latest enhancements, optimizations, and fixes to ensure the best user experience with your Intel graphics hardware.

Ubuntu
Ubuntu's packages and repositories are signed with this GPG key.
In order to "trust" the Intel Linux Graphics Installer, you will need to add a key to Ubuntu's software package manager ("apt"). Open a terminal, and execute this line:

In this paper, Frost & Sullivan examine historical concerns about Linux virtualization, and assess why, when, and how enterprises can safely virtualize their critical Linux workloads.

Virtualization technologies have gained a strong footing in enterprise data centers in recent years. According to Frost & Sullivan research, 65 percent of all U.S. businesses have incorporated virtualization into their data centers. For many of those, the commitment to virtualization is serious -- 20 percent have virtualized more than three-quarters of their servers--a number that is expected to double in the next two years.

Threats to the security of your network will never completely go away, but the ability to prepare for, recognize and quickly remediate these threats should be a part of day-to-day company operations.

This white paper gives you eight essentials for managing vulnerabilities in a network including internal and external assessments, how frequently you should run scans for threats and the importance of broadening testing beyond basic network services and operating systems.

unoconv Features:
* Converts between different document formats that OpenOffice understands
* OpenOffice can export to about 100 different document formats
* Can be used for batch processing
* Combines with asciidoc and docbook2odf/xhtml2odt to create PDF or Word (.doc) files
* Can apply custom style templates during conversion (to enforce corporate identity)
* Autostarts OpenOffice for processing if necessary
* Can be used in a client/server environment to process documents centrally
* Can influence OpenOffice filters during import and export
* Supports OpenOffice on Linux, Windows and MacOSX

Profile-sync-daemon (psd) is a diminutive pseudo-daemon designed to manage your browser's profile in tmpfs and to periodically sync it back to your physical disc (HDD/SSD). This is accomplished via a symlinking step and an innovative use of rsync to maintain back-up and synchronization between the two. One of the major design goals of psd is a completely transparent user experience.

Running this daemon is beneficial for two reasons:

Reduced wear to physical discs
Speed

Since the profile(s), browser cache*, etc. are relocated into tmpfs (RAM disk), the corresponding onslaught of I/O associated with using the browser is also redirected from the physical disc to RAM, thus reducing wear to the physical disc and also greatly improving browser speed and responsiveness. For example, the access time of RAM is on the order of nanoseconds while the access time of physical discs is on the order of milliseconds. This is a difference of six orders of magnitude or 1,000,000 times faster.

mod_rewrite module uses a rule-based rewriting engine (based on a regular-expression parser) to rewrite requested URLs on the fly. It supports an unlimited number of rules and an unlimited number of attached rule conditions for each rule to provide a really flexible and powerful URL manipulation mechanism. The URL manipulations can depend on various tests, for instance server variables, environment variables, HTTP headers, time stamps and even external database lookups in various formats can be used to achieve a really granular URL matching.

mod_rewrite module operates on the full URLs (including the path-info part) both in per-server context (httpd.conf) and per-directory context (.htaccess) and can even generate query-string parts on result. The rewritten result can lead to internal sub-processing, external request redirection or even to an internal proxy throughput

Open up your apache configuration file (httpd.conf) or the virtual host file and insert the following lines to redirect the http request to https

Darktable is an open source photography work-flow application and RAW developer. A virtual lighttable and darkroom for photographers. It manages your digital negatives in a database, lets you view them through a zoom able lighttable and enables you to develop raw images and enhance them.

It focuses on the work-flow to make it easier for the photographer to quickly handle the thousands of images a day of shooting can produce. It's also one of the very few FOSS projects able to do tethered shooting.

The internal architecture of darktable allows users to easily add modules for all sorts of image processing, from the very simple (crop, exposure, spot removal) to the most advanced (simulation of human night vision).

The user interface is built around efficient caching of image meta-data and mipmaps, all stored in a database. The main focus lies on user interaction, both in terms of a smooth interface design as well as processing speed. High quality output is also one of our goals.

Linux Malware Detect (LMD) is a malware scanner for Linux released under the GNU GPLv2 license, that is designed around the threats faced in shared hosted environments. It uses threat data from network edge intrusion detection systems to extract malware that is actively being used in attacks and generates signatures for detection. In addition, threat data is also derived from user submissions with the LMD checkout feature and from malware community resources. The signatures that LMD uses are MD5 file hashes and HEX pattern matches, they are also easily exported to any number of detection tools such as ClamAV.

Many IT professionals are drawn by the savings that Linux® brings to the data center but are concerned about the potential uptime and data protection risks that arise from trusting their business-critical applications to “free” or native software.

Native Linux solutions also prove challenging with required manual scripting and lack of automated operations and management. For business-critical data center applications, the complete line of Symantec high availability, data protection, backup and recovery, disaster recovery and storage management offerings deliver UNIX-class performance, scalability, administration, and support on Linux.

App Inventor is an easy and fun way for the uninitiated to learn about computer programming, and is at the same time a productive tool for advanced programmers alike.

For most, the underlying technology that makes an app ‘tick' is shrouded in mystery. This has been a boon for programming experts and has spurned a very profitable niche for professional programmers who are paid to research, develop, and build these apps. But what if you have an idea for the “next big thing” - or even the “next little thing” for that matter - with no programming skills to speak of and, for whatever reason, you don't want to hand over your idea to a professional and pay to have it developed? In the past, if you weren't an app programmer yourself, you would have had the option to

(a) do nothing, of course,
(b) be brave and trust your idea in the hands of a developer, or
(c) develop your programming skills and learn how to build the darn thing yourself.

Well, now there is hope for non-programmers. Recently, thanks to a collaboration between Google and MIT, the world of mobile app creation has been opened to everyone with App Inventor, which is a web-based development platform, making option (c) not so out of reach for many.

Subsonic is a free, web-based media streamer, providing ubiquitous access to your music. Use it to share your music with friends, or to listen to your own music while at work. You can stream to multiple players simultaneously.

Subsonic is designed to handle very large music collections (hundreds of gigabytes). Although optimized for MP3 streaming, it works for any audio or video format that can stream over HTTP, for instance AAC and OGG. By using transcoder plug-ins, Subsonic supports on-the-fly conversion and streaming of virtually any audio format, including WMA, FLAC, APE, Musepack, WavPack and Shorten.

If you have constrained bandwidth, you may set an upper limit for the bitrate of the music streams. Subsonic will then automatically resample the music to a suitable bitrate.

In addition to being a streaming media server, Subsonic works very well as a local jukebox. The intuitive web interface, as well as search and index facilities, are optimized for efficient browsing through large media libraries. Subsonic also comes with an integrated Podcast receiver, with many of the same features as you find in iTunes.

Cloud computing is a service delivery model that provides on-demand computing and storage services. Clouds may be public and open to all users, private and available only to users within an organization, or a hybrid. Although public clouds offer valuable services for businesses, this cloud model requires sound practices to maintain adequate security.

Secure Sockets Layer (SSL) certificates are essential to implementing the encryption and authentication services used with cloud computing resources. When both cloud providers and their customers implement security best practices, they can comply with the demands of government and industry regulations as well as overcome security concerns. This white paper explores SSL technologies as an essential element of sound cloud security practices.

Offered Free by: VeriSign Authentication Services, now a part of Symantec Corp

A network socket is an endpoint of an inter-process communication flow across a computer network. Today, most communication between computers is based on the Internet Protocol; therefore most network sockets are Internet sockets.

In Perl, IO::Socket::INET provides an object interface to creating and using sockets in the AF_INET domain. It is built upon the IO::Socket interface and inherits all the methods defined by IO::Socket.

Polymorphism means that methods defined in the base class will override methods defined in the parent classes and is mainly used to add or extend the functionality of an existing class without reprogramming the whole class.

The following simple Perl code demonstrate the concepts of Polymorphism (Method overriding):

Source: Polymorphism.pl
#!/usr/bin/perl

package parent;
sub foo {
print "Inside the parent. \n";
}

# Inheritance is accomplished by placing the names of parent classes into a special array called @ISA.

eval in Perl is something like try .. catch block in Java, The statement eval { ... } catches an exception that was given inside it, and after it sets the special variable $@ to be the value of the exception or undef if none was caught.

If there is a syntax error or runtime error, or a die() statement is executed, an undefined value is returned by eval(), and $@ is set to the error message. If there was no error, $@ is guaranteed to be a null string. Beware that using eval() neither silences perl from printing warnings to STDERR, nor does it stuff the text of warning messages into $@.

There are many Perl defined system variables that you can use in your script, one of them is "$!", When used in a numeric context, holds the current value of errno. If used in a string context, will hold the error string associated with errno.

Below is simple Perl script which prints all available system error message and their corresponding error codes.

"Zero Day Exploits"
A zero day exploit is an attack that was previously unknown to the target or security experts in general.

For several years, most news articles about a computer, network, or Internet compromise has mentioned the phrase "zero day exploit" or "zero day attack," but rarely do these articles define what this is.

Many believe that the term refers to attacks that were just released into the wild or developed by hackers in the current calendar day. This is generally not the case. The "zero day" component of the term refers to the lack of prior knowledge about the attack. That the victim has zero day's notice of an attack. The main feature of a zero day attack is that since it is an unknown attack, there are no specific defenses or filters for it. Thus, a wide number of targets are vulnerable to the exploit.

Inheritance provides a powerful and natural mechanism for organizing and structuring your code.In object-oriented programming, inheritance is a way to form new classes using classes that have already been defined. The new classes, known as derived classes, take over (or inherit) attributes and behavior of the pre-existing classes, which are referred to as base classes (or ancestor classes). It is intended to help reuse existing code with little or no modification.

In Perl, Inheritance is accomplished by placing the names of parent classes into a special array called @ISA in your child class.

Below is simple Perl script which demonstrate the usage of Package Inheritance:

A binary file is a computer file that is not a text file; it may contain any type of data, encoded in binary form for computer storage and processing purposes.

If you want to open a file and read its content in binary mode, you should use the following functions:
* open() to open the file to a file handle.
* binmode() to set the file handle to binary mode.
* read() to read data from the file handle.
* close() to close the file handle.

Bash does not support floating point operations but it's possible to redirects these Math operation to some other program (bc).

The "bc" calculator comes as a part of your Linux distro, so there's no need for you to install anything extra. In addition to performing simple math functions, it can also perform conversions between different number systems, perform a number of scientific math functions, and can even run programs that you write and save in a text file. look the bc man pages for more details.

Below is simple bash script which demonstrate the usage of bc commands in the script

"A Multi-Level Approach to Addressing Targeted Attacks"
88% of targeted malware is NOT detected by anti-virus according to research by Trustwave.

Targeted malware is tailor-designed to take advantage of an organization's specific device(s), data networks or a specific employee. Taking a multi-level approach, using many solutions, businesses can enable wider coverage for all types of targeted malware, reducing the attack surface and preventing attacks.

Download this paper and learn about:
* The current state of targeted attacks
* How and why targeted attacks work
* Multi-level defenses to combat malware and persistent threats
* Targeted attacks are increasing in number and complexity - every business is at risk.

Download this paper now to find out how to improve your security and protect your business - here

This is something different that including the package/modules, the require function provides a way to break your program into separate files and create libraries of functions.

NOTE: The last expression evaluated inside a file included by require becomes the return value. The require function checks whether this value is zero, and terminates if it is so, in this case make sure to return some non-zero value from withing your include file and the best way to do is to insert the 1; at the end of this include file.

Below Perl script show the way to include another Perl script within the Perl script.

The Perl sort function sorts a string ARRAY by an ASCII numeric value and numbers using alphanumerical order and returns the sorted list value.

The problem is that capital letters have a lower ASCII numeric value than the lowercase letters so the words beginning with capital letters will be shown first, so in order to get the desire result we need to do something else to this default sort functionality provide by the Perl.

The Perl sort function uses two operators: cmp and <=>, you can use the cmp (string comparison operator) or <=> (the numerical comparison operator) and also uses two special variables $a and $b are compared in pairs by sort to determine how to order the list.

Below is simple Perl script which demonstrate the usage of the sort functionality of Perl, feel free to copy and use this script.

This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started guide, with exercises at the end of each chapter.

For more advanced trainees it can be a desktop reference, and a collection of the base knowledge needed to proceed with system and network administration. This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant. They hope these examples will help you to get a better understanding of the Linux system and that you feel encouraged to try out things on your own.